login.newscorpaustralia.com
Open in
urlscan Pro
104.89.9.110
Public Scan
Effective URL: https://login.newscorpaustralia.com/login?state=hKFo2SA3amJJMEQ5OTdManlXcmZCc2VndDlDSVZjWWVoN3VmMqFupWxvZ2luo3RpZNkgOU5laEFDV3FVZHhh...
Submission: On July 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 11th 2021. Valid for: a year.
This is the only time login.newscorpaustralia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.42.15 13.111.42.15 | 22606 (EXACT-7) (EXACT-7) | |
1 19 | 85.222.140.13 85.222.140.13 | 14340 (SALESFORCE) (SALESFORCE) | |
1 | 151.101.65.175 151.101.65.175 | 54113 (FASTLY) (FASTLY) | |
12 | 13.239.107.226 13.239.107.226 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 65.9.86.68 65.9.86.68 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 99.86.4.22 99.86.4.22 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
3 | 162.247.243.146 162.247.243.146 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 10 | 104.89.9.110 104.89.9.110 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 143.204.207.119 143.204.207.119 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:401... 2a00:1450:4014:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.75.88.206 104.75.88.206 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
59 | 13 |
ASN22606 (EXACT-7, US)
PTR: click.e.newscorpaus.com.au
click.e.newscorpaus.com.au |
ASN14340 (SALESFORCE, US)
PTR: sledge1-fra.slb.sfdcsvc.net
myprofile.news.com.au |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-107-226.ap-southeast-2.compute.amazonaws.com
apps.mypurecloud.com.au |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-68.ams1.r.cloudfront.net
api-cdn.mypurecloud.com.au |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-22.fra6.r.cloudfront.net
api.mypurecloud.com.au |
ASN16625 (AKAMAI-AS, US)
PTR: a104-89-9-110.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-119.fra53.r.cloudfront.net
cdn.auth0.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
news.com.au
1 redirects
myprofile.news.com.au |
2 MB |
16 |
mypurecloud.com.au
apps.mypurecloud.com.au — Cisco Umbrella Rank: 397510 api-cdn.mypurecloud.com.au — Cisco Umbrella Rank: 754101 api.mypurecloud.com.au — Cisco Umbrella Rank: 446713 |
310 KB |
10 |
newscorpaustralia.com
1 redirects
login.newscorpaustralia.com — Cisco Umbrella Rank: 102160 |
60 KB |
3 |
nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 1646 |
3 KB |
2 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9313 |
238 KB |
1 |
gstatic.com
www.gstatic.com |
145 KB |
1 |
newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 73649 |
9 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 17 |
965 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 477 |
16 KB |
1 |
kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4140 |
1 KB |
1 |
newscorpaus.com.au
1 redirects
click.e.newscorpaus.com.au |
205 B |
59 | 11 |
Domain | Requested by | |
---|---|---|
19 | myprofile.news.com.au |
1 redirects
myprofile.news.com.au
|
12 | apps.mypurecloud.com.au |
myprofile.news.com.au
apps.mypurecloud.com.au |
10 | login.newscorpaustralia.com |
1 redirects
myprofile.news.com.au
login.newscorpaustralia.com cdn.auth0.com |
3 | bam-cell.nr-data.net |
apps.mypurecloud.com.au
js-agent.newrelic.com |
2 | cdn.auth0.com |
login.newscorpaustralia.com
cdn.auth0.com |
2 | api.mypurecloud.com.au |
apps.mypurecloud.com.au
|
2 | api-cdn.mypurecloud.com.au |
apps.mypurecloud.com.au
|
1 | www.gstatic.com |
www.google.com
|
1 | resourcesssl.newscdn.com.au |
login.newscorpaustralia.com
|
1 | www.google.com |
login.newscorpaustralia.com
|
1 | js-agent.newrelic.com |
apps.mypurecloud.com.au
|
1 | nebula-cdn.kampyle.com |
myprofile.news.com.au
|
1 | click.e.newscorpaus.com.au | 1 redirects |
59 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
myprofile.news.com.au Trusted Secure Certificate Authority 5 |
2022-04-27 - 2023-05-07 |
a year | crt.sh |
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-02-22 - 2023-03-26 |
a year | crt.sh |
mypurecloud.com.au Amazon |
2021-10-21 - 2022-11-19 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2 |
2022-07-10 - 2023-08-11 |
a year | crt.sh |
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-10 - 2023-02-10 |
a year | crt.sh |
news.com.au DigiCert SHA2 Secure Server CA |
2021-11-11 - 2022-11-11 |
a year | crt.sh |
*.auth0.com Amazon |
2022-03-26 - 2023-04-24 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.newscorpaustralia.com/login?state=hKFo2SA3amJJMEQ5OTdManlXcmZCc2VndDlDSVZjWWVoN3VmMqFupWxvZ2luo3RpZNkgOU5laEFDV3FVZHhhMVItRnR0akVpc1lsbmVBbFdTTDCjY2lk2SA0a3BMVzFzOFlIc2pvRnY3MHVSd0hkT2pJZzNzRTg1QQ&client=4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A&protocol=samlp&prevent_sign_up=true&prompt=none&site=NewsComAu
Frame ID: 3624465B0081B5E2DA5838B027532905
Requests: 46 HTTP requests in this frame
Frame:
https://apps.mypurecloud.com.au/messenger/messenger.html
Frame ID: 124278FFE4353B35F6BFF144753F6110
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Log inPage URL History Show full URLs
-
https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c36d8593ce7dcb415bdb3ec02c08c37fdfd7cc9253035b63fcf457bf30a...
HTTP 302
https://myprofile.news.com.au/ HTTP 301
https://myprofile.news.com.au/s/ Page URL
-
https://login.newscorpaustralia.com/samlp/4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A?prevent_sign_up=true&prompt=none&site...
HTTP 302
https://login.newscorpaustralia.com/login?state=hKFo2SA3amJJMEQ5OTdManlXcmZCc2VndDlDSVZjWWVoN3VmMqFupWxvZ2luo3Rp... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Akamai Bot Manager (Security) Expand
Detected patterns
Auth0 Lock (Miscellaneous) Expand
Detected patterns
- /lock/([\d.]+)/lock(?:.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Genesys Cloud (Marketing automation) Expand
Detected patterns
- apps\.mypurecloud\.\w+
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c36d8593ce7dcb415bdb3ec02c08c37fdfd7cc9253035b63fcf457bf30a3d55f0acbbc0c5b0f077f7872f9ccda532574d8d
HTTP 302
https://myprofile.news.com.au/ HTTP 301
https://myprofile.news.com.au/s/ Page URL
-
https://login.newscorpaustralia.com/samlp/4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A?prevent_sign_up=true&prompt=none&site=NewsComAu
HTTP 302
https://login.newscorpaustralia.com/login?state=hKFo2SA3amJJMEQ5OTdManlXcmZCc2VndDlDSVZjWWVoN3VmMqFupWxvZ2luo3RpZNkgOU5laEFDV3FVZHhhMVItRnR0akVpc1lsbmVBbFdTTDCjY2lk2SA0a3BMVzFzOFlIc2pvRnY3MHVSd0hkT2pJZzNzRTg1QQ&client=4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A&protocol=samlp&prevent_sign_up=true&prompt=none&site=NewsComAu Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c36d8593ce7dcb415bdb3ec02c08c37fdfd7cc9253035b63fcf457bf30a3d55f0acbbc0c5b0f077f7872f9ccda532574d8d HTTP 302
- https://myprofile.news.com.au/ HTTP 301
- https://myprofile.news.com.au/s/
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
myprofile.news.com.au/s/ Redirect Chain
|
168 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aura_prod.js
myprofile.news.com.au/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/ |
776 KB 244 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
myprofile.news.com.au/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%2... |
2 MB 471 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
genesys.min.js
apps.mypurecloud.com.au/genesys-bootstrap/ |
178 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
myprofile.news.com.au/s/sfsites/runtimedownload/ |
0 595 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
resources.js
myprofile.news.com.au/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A... |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
myprofile.news.com.au/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A... |
854 KB 141 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
myprofile.news.com.au/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%220DbugO... |
983 KB 122 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
domains.json
api-cdn.mypurecloud.com.au/webdeployments/v1/deployments/87ae5cf9-ac9f-4c77-9af4-5ba03da2e5fd/ |
596 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
api-cdn.mypurecloud.com.au/webdeployments/v1/deployments/87ae5cf9-ac9f-4c77-9af4-5ba03da2e5fd/ |
544 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
journey.min.js
apps.mypurecloud.com.au/journey/messenger-plugins/ |
99 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offersHelper.min.js
apps.mypurecloud.com.au/journey/messenger-plugins/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messenger.html
apps.mypurecloud.com.au/messenger/ Frame 1242 |
1 KB 947 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newrelic-agent.js
apps.mypurecloud.com.au/messenger/newrelic/ Frame 1242 |
28 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
beacons
api.mypurecloud.com.au/api/v2/journey/deployments/87ae5cf9-ac9f-4c77-9af4-5ba03da2e5fd/customers/c2910a3d-0c1f-4509-8c28-e89c3dd51f25/ |
0 840 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aura
myprofile.news.com.au/s/sfsites/ |
4 MB 386 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.css
myprofile.news.com.au/resource/1625040237000/NewsCorpAssets/NewsCorpAssets/fontawesome5/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
newsCorpCustomCSS.css
myprofile.news.com.au/resource/1625040237000/NewsCorpAssets/NewsCorpAssets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TimesClassicDisplay.woff
myprofile.news.com.au/resource/TimesClassic/ |
25 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular.ttf
myprofile.news.com.au/resource/Roboto/ |
167 KB 167 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cxbus.min.js
apps.mypurecloud.com.au/cxbus/ Frame 1242 |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
myprofile.news.com.au/s/sfsites/ |
94 KB 27 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaultVendors.min.js
apps.mypurecloud.com.au/messenger/ Frame 1242 |
297 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.min.js
apps.mypurecloud.com.au/messenger/ Frame 1242 |
141 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
apps.mypurecloud.com.au/messenger/ Frame 1242 |
145 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
engage.min.js
apps.mypurecloud.com.au/messenger/ Frame 1242 |
81 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
myprofile.news.com.au/s/sfsites/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1208.min.js
js-agent.newrelic.com/ Frame 1242 |
42 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.json
apps.mypurecloud.com.au/messenger/i18n/ Frame 1242 |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping
api.mypurecloud.com.au/api/v2/journey/deployments/87ae5cf9-ac9f-4c77-9af4-5ba03da2e5fd/customers/c2910a3d-0c1f-4509-8c28-e89c3dd51f25/ |
14 B 898 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7a5b0de38e
bam-cell.nr-data.net/1/ Frame 1242 |
49 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
date-en.min.js
apps.mypurecloud.com.au/messenger/i18n/vendors/ Frame 1242 |
477 B 839 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
login.newscorpaustralia.com/ Redirect Chain
|
82 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
F
myprofile.news.com.au/profilephoto/005/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
News.png
myprofile.news.com.au/resource/1639034195000/Masthead_compressed_metros/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Footer-phone-icon.svg
myprofile.news.com.au/resource/1625040238000/branding_assets_metros_theme/ |
741 B 897 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Footer-email-icon.svg
myprofile.news.com.au/resource/1625040238000/branding_assets_metros_theme/ |
824 B 959 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
7a5b0de38e
bam-cell.nr-data.net/ins/1/ Frame 1242 |
0 786 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
7a5b0de38e
bam-cell.nr-data.net/events/1/ Frame 1242 |
24 B 851 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
aura
myprofile.news.com.au/s/sfsites/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
aura
myprofile.news.com.au/s/sfsites/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
auraAnalytics
myprofile.news.com.au/s/sfsites/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
7a5b0de38e
bam-cell.nr-data.net/events/1/ Frame 1242 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
7a5b0de38e
bam-cell.nr-data.net/jserrors/1/ Frame 1242 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c98e183
login.newscorpaustralia.com/akam/13/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.27.1/ |
830 KB 236 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 965 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HxUQCs
login.newscorpaustralia.com/nR6tI_/x74ysb/C/hEl/h-9xsWo1/ic5EhQthXY/BUYyEwh-WAY/F2xYY/ |
84 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
resourcesssl.newscdn.com.au/cs/auth0/images/newscomau/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
HxUQCs
login.newscorpaustralia.com/nR6tI_/x74ysb/C/hEl/h-9xsWo1/ic5EhQthXY/BUYyEwh-WAY/F2xYY/ |
18 B 812 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ |
366 KB 145 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.js
cdn.auth0.com/js/lock/11.27.1/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A.js
login.newscorpaustralia.com/client/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
challenge
login.newscorpaustralia.com/usernamepassword/ |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
HxUQCs
login.newscorpaustralia.com/nR6tI_/x74ysb/C/hEl/h-9xsWo1/ic5EhQthXY/BUYyEwh-WAY/F2xYY/ |
18 B 791 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel_c98e183
login.newscorpaustralia.com/akam/13/ |
0 686 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ssodata
login.newscorpaustralia.com/user/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
HxUQCs
login.newscorpaustralia.com/nR6tI_/x74ysb/C/hEl/h-9xsWo1/ic5EhQthXY/BUYyEwh-WAY/F2xYY/ |
18 B 792 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- myprofile.news.com.au
- URL
- https://myprofile.news.com.au/s/sfsites/aura?r=3&aura.Component.reportFailedAction=1&other.MyAcc_AccountName.getMenu=1&other.MyAcc_AccountName.getMenuDefault=1&other.MyAcc_Base.getProfileInfo=1&other.MyAcc_Base.getUserName=1&other.MyAcc_Content.getMenu=1&other.MyAcc_ContentFooter.getConInfo=1&other.MyAcc_ContentFooter.getFooterDisplay=1&other.MyAcc_ContentFooter.getFooterDisplayLogo=1&other.MyAcc_ContentFooter.getFooterDisplayText=1&other.MyAcc_ContentFooter.getProfileName=1&other.MyAcc_ContentFooter.getsrcLogo=1&other.MyAcc_ThemedLayout.getBrandingName=4&other.MyAcc_VerticalNav.getMenu=1&other.MyAcc_VerticalNav.getMenuDefault=1&other.MyAcc_VerticalNav.getUserProfile=1&other.MyAcc_VerticalNav.getsrcLogo=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1
- Domain
- myprofile.news.com.au
- URL
- https://myprofile.news.com.au/s/sfsites/aura?r=4&other.MyAcc_VerticalNav.getNotificationCount=1
- Domain
- myprofile.news.com.au
- URL
- https://myprofile.news.com.au/s/sfsites/auraAnalytics
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/events/1/7a5b0de38e?a=1213187846&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=5077&ck=1&ref=https://apps.mypurecloud.com.au/messenger/messenger.html
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/jserrors/1/7a5b0de38e?a=1213187846&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=5078&ck=1&ref=https://apps.mypurecloud.com.au/messenger/messenger.html
- Domain
- login.newscorpaustralia.com
- URL
- https://login.newscorpaustralia.com/user/ssodata
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| bazadebezolkohpepadr object| Auth0 function| Auth0Lock function| Auth0LockPasswordless function| webpackHotUpdate object| mready object| _acxj object| _cf object| bmak undefined| bm_counter object| bm_script undefined| scripts string| bm_url object| url_split string| obfus_state_field string| state_field_str string| _sd_trace object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| urhehlevkedkilrobacf object| recaptcha17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.newscorpaustralia.com/usernamepassword/login | Name: _csrf Value: 1zAtAmsXDYicM25t-h6X4NXd |
|
.myprofile.news.com.au/s | Name: renderCtx Value: %7B%22pageId%22%3A%22ab0d424b-4062-47c9-95f8-07c3383e5d37%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22923c573b-a87e-4e95-8b8b-21ccb9007df9%22%2C%22audienceIds%22%3A%22%22%7D |
|
myprofile.news.com.au/ | Name: CookieConsentPolicy Value: 0:1 |
|
myprofile.news.com.au/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
.myprofile.news.com.au/ | Name: CookieConsentPolicy Value: 0:0 |
|
.myprofile.news.com.au/ | Name: LSKey-c$CookieConsentPolicy Value: 0:0 |
|
myprofile.news.com.au/ | Name: sfdc-stream Value: !JN/Dm/HibvSQr2Nt+Q0oje+pinY/9duSgtM8KvQl2hTTIjmpnblQoD3F8M51aJ8lsGMnoZPWStZ2y+c= |
|
.nr-data.net/ | Name: JSESSIONID Value: b268a6b66d239766 |
|
login.newscorpaustralia.com/ | Name: did Value: s%3Av0%3Adad9b250-0315-11ed-9760-815624d9ae08.we4ATeaPKg48z3Jhsjb52r6oSjvPpmS7as8MuW%2FflWU |
|
login.newscorpaustralia.com/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQI8p9sBGb01KlVaANM9u6IwXWgkwMMwmYIEdX7eD8JxdxZdf5EFiU1mzdtO2abzW1Sru9q_ck6gHoJoAMBCRV7CmY29va2llg6dleHBpcmVz1__iBVQAYtNoZ65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.A%2Fhjm3V7PUw7%2Bnflxjh3pBoeazFF5uAyRb%2F0Pk9m6fo |
|
login.newscorpaustralia.com/ | Name: did_compat Value: s%3Av0%3Adad9b250-0315-11ed-9760-815624d9ae08.we4ATeaPKg48z3Jhsjb52r6oSjvPpmS7as8MuW%2FflWU |
|
login.newscorpaustralia.com/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQI8p9sBGb01KlVaANM9u6IwXWgkwMMwmYIEdX7eD8JxdxZdf5EFiU1mzdtO2abzW1Sru9q_ck6gHoJoAMBCRV7CmY29va2llg6dleHBpcmVz1__iBVQAYtNoZ65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.A%2Fhjm3V7PUw7%2Bnflxjh3pBoeazFF5uAyRb%2F0Pk9m6fo |
|
.newscorpaustralia.com/ | Name: bm_sz Value: F2350AE4BEF4592065C94C5294E70771~YAAQXOF7XEf5zeuBAQAAnsJc+hBAM3ty0zdl8pDCmxg0rH0/qRjTYQ4U4Slvi5FHwhbVGoFHwTLCJzvEVTA2ESt7mgRZbkzDCCC2Gdpo7r85qyVG+vz/XrlhCrBhRAVOr5t6XrgNMHk8lu5sziI2pUgphv6aLf/A90LMk4EerYURsLa7sEg7esG67KZDA1D+cKHP3MR7aO4nMqmZe9tS7dEta72r0ceFdjZkl7SLAS8KqdgwZPu6rpSj6cHjsb/HTG0FvsDz/7d8M9xQTHfL6ZINQv/uR7Za7hpW7cNOzGrroxMmxIwGTYieV4V8DA==~3683397~4343095 |
|
.newscorpaustralia.com/ | Name: bm_mi Value: 720F30370EAE3EE1FD3AB74F44B3F922~YAAQXOF7XEj5zeuBAQAAfcVc+hD2oIbG3lhG+1piAT7wQJt2O5A5Q8VWdlxBR2MgsSEVKttTOn2+I6aR86Rw/YDkPM30ch2WimG7yYFEM7vYNG3JwVgYMWto4mqEtvkr+DvQ8C8D5FswMRm7tpsC6zBpFJgox90Pkp+FS0PhXV9dIHwhP9voP79Rc1+g2Nb4Wf8vI5o8LatNzJ8amNROeevrJHWX1I/SSvoE/fhzBmH4nQYqmJ5RXRM4ugB4KusH9tJALMaRfSyhU3eKRa1LjILf5/bViUOKF42kzB+Dys+pok8vxsf1fbytRjH0FhUjyUJESjTpzXO4mzxV~1 |
|
.newscorpaustralia.com/ | Name: ak_bmsc Value: 44A7CEE6EC95C9C6A84514054ED8DDD4~000000000000000000000000000000~YAAQXOF7XE75zeuBAQAA8chc+hD8rkqIsTgpQpIQtIP4shaxZFjh6nQIhsdIzm9U22SXQSIgAEAvvlHg6QVO7IwOvUO81knPnw624QacUys1TcQtOnpqW64ky7nIdeRJ3XW6zrtkZphIERJdik7I/nfr1qecznYogctBqxED6OYyJWlHPTc9QaRZxfC0JbVlp5q+lv4oIp17/75NTwiL7OvQ2aQ1yUIn+VyTmV/XcuMQm00QJmQ6EzvDY78Cx1ru9kaJ+RKUAVbIl3EZgnARwI5hBvyQ9ZMQASNxjRicvdwg8D/glmAHyJ9t3h5KaH5IN7MHwcPJdahKo8r9RaXbbTaalV5BVs/dmB6dZrW+UrZ171MhcPwnUGBnI0lgDWx2ckWlLP6faVYyROlr0EpJXiB5lB7w8PeE/Xs0WSUCzgIG3FA= |
|
.newscorpaustralia.com/ | Name: bm_sv Value: A12E6505E652FE505687A7937B6E1323~YAAQXOF7XFD5zeuBAQAAgctc+hDwzHNy2fN4B/rNvLoharGUwvdqvfxIyKjitkLdFcORVvkZc3EKg8a9f+uOczhYA4jTXaVaNtZVHUiLeNEA1G60A2O1TJfudt+kMq51nDQfRR4lq6+jNZ7bfDCu3xvC2gKhaEdmGbrl+glPNh3TsoYlerOOliLqxE8C7VAmIoE5tvJxJgUOKlbdp9BbtbX9kaD/hCfyM9RHp+BmCn9sp4C1OHq3TuEGHsLgpKQYjtB1F327KRC+28Y=~1 |
|
.newscorpaustralia.com/ | Name: _abck Value: 72CF4982BB3C3B9D7716D81F66BE42CC~-1~YAAQXOF7XFH5zeuBAQAAIsxc+gjPje6RIGW+691nQinmhJCEJjzox7/dLjqvuFF0mSpZf9gqN4EPHsUENUs3ZIBUGxEty0DftLGC41ViZWBPFaGbYodfSYngvJJnF/FZLFx9cIpu2Jtt3J3OdmC9PgOCBwRklcQyf4KQ39lXfmuj3smZHymXx4RWCnjHh7UTGT6GTSp2H2Fm3ZEKKNhcmNKpzeaWVjZhubol5av8VE1eCniPHWaqpipNHygRcnJmar865kgYgbbavMX5sI1wRNXhnQgRpCrojJ/Tug7jEbA59kpp5Y5JBecXvDf3H78pIba0TbnSXkHWv9ZIB+MM5P7TXu7PBX0EKS3aArw1qEsyVAKuSug9iltmC7WtFRkGXV7ERL12MArH5bZUpdHaE60Gly7O~-1~||1-NeINxvBFNa-1-10-1000-2||~-1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests frame-ancestors * |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | ALLOWALL |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-cdn.mypurecloud.com.au
api.mypurecloud.com.au
apps.mypurecloud.com.au
bam-cell.nr-data.net
cdn.auth0.com
click.e.newscorpaus.com.au
js-agent.newrelic.com
login.newscorpaustralia.com
myprofile.news.com.au
nebula-cdn.kampyle.com
resourcesssl.newscdn.com.au
www.google.com
www.gstatic.com
bam-cell.nr-data.net
login.newscorpaustralia.com
myprofile.news.com.au
104.75.88.206
104.89.9.110
13.111.42.15
13.239.107.226
143.204.207.119
151.101.130.137
151.101.65.175
162.247.243.146
2a00:1450:4001:82f::2003
2a00:1450:4014:80f::2004
65.9.86.68
85.222.140.13
99.86.4.22
006a6ea4b26c9ba860c5b3d38300121dbd4206a14ab34c7ea75920917e735924
0195c7b710eec4f5b6506e15152fa74ebd5212eb0da50ff8f708c414c23890cf
0f9072d03fcdf2c63c01e36411dd665162e223d31428f1a89bbab0473f55abd6
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
22673948aaac698c19f2655da8599d809555afee233eaa7c40a72d50a2fe57ec
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
370d177088ef9116b3e2d182fdd5bbbc87ea3df30d4014d699ea827a0b4d499d
37869bc88791225a9ffb4e87899f2b531c6a6a885dc86c9b03954b017cc56e5d
378bccecf18292dcd22d7079658a59dc3bc05652597e770846b9e8665c996f2b
40cf00467a1593d2c9a41f50437cf2d7c372e78c7dc4276e9ca01ed18772adcd
451b7d088d008e4bc4a296329643f39e99181be845bccd21a4f271f81de4da69
454defd5f763503e7d8438db4e71a2b20411a8149b8e096b47c3611de8a14132
46b03393d250ff6f28db549a5780ff7eb55ba9cb2b7e88640fa8b9d0456f8043
5c055daf7e4ddb3868fe66e79324254c81441a0385aa0542443f6d2612e8ec9f
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
6a54f8d449f8eb8828adcaf0de34614220f9f5402b1de5f61aae9e362c076d85
715a04e3152423b14cb30eaea1ccdd290099a301d990ec3dca85cc7983210576
72dd3f28519ea1f14ab5bcfb89fd08016ca18f61e792a70abbef336aaab39e1f
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
83735bbc6ef3247fa656770e5ba56b2732b1d019c43be56b3a26759d3f1ae663
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
869f980c3c236f5385e40271724526cb90f694aa7046c463abfbe4c0148bacad
874437e27e97a86da894c33508123bacba74c260e211d3bea4f13c3f46033db9
a63540aa2a97c549fe93e0aac747a34467cd51b2fb36c4d10c4a318eff39c213
a6a3d793a5dcd1ee8478803d72372dc527f80cb35d2e475b81e07e5801bb3143
a8d4442de56c92272f92183aaef4c5bf6f955f7c04ef703b5f0bee1b2ad00278
aa1ae4863c3c90096808ce516373644c9a4881e5bd5461298afa3d3330d818b4
abaf605eca63d9043f3fabb4dc886092a2ce9282b80a19bf187f116675807ec3
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
bf205fc7cadf17b7ffef35eb8f6ee61ab89bef9f6969e26e3c3470baf672cd0e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d3c7c5e9e7ebc207399100b6579a507f8b35dd13a990319dfcbbbeaeb9d5018b
d7e9852ce9f4cf46a09a3dad29bf1717367aabc3c2fa76439e1255f1b7618d70
d91174378e0e0d901236915fa4cfffb88ddb90684ba62b8bfc57e85bee493297
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2